Cyber Security - Strategy and Transformation Sr. AssociateGrant Thornton1/6/2020 8:04:33 AMJOB ID: 045180Specialty: Chicago, Illinois Grant Thornton LLP (Grant Thornton) is the U.S member firm of Grant Thornton International Ltd., one of the world’s leading organizations of independent audit, tax and advisory firms. We’ve never been a typical professional services firm. We put people first, and that is what sets us apart.
As one of the fastest-growing professional services firms in the world, Grant Thornton LLP is continuously seeking top talent. Discover a place where you’ll work with a team of professionals, dedicated to providing bold leadership and distinctive client service. Spend each day engaged in meaningful and challenging work. Be supported in your professional growth and recognized for your contributions.
Cyber Strategy and Transformation Sr. Associate
As companies become increasingly dependent on information technology (IT) to conduct daily business activities, they need to secure and control their technology infrastructure. Grant Thornton's Cyber Risk Advisory Services practice addresses these security and control issues. We are looking for consultants with extensive consulting, technological and industry experience who will help our clients solve their complex business issues from strategy through execution. A Cyber Risk consulting career will provide the opportunity to grow and contribute to our clients' business issues every day, applying a collection of information and Cyber security capabilities, including security and privacy strategy and governance, IT risk, security testing, technology implementation/operations, and cyber crime and breach response.
Our Cyber Strategy and Transformation services help clients understand the current cyber security risk landscape, make cyber security a collective priority, and develop and implement solutions across people, processes, and technologies. We provide the foundations to design, manage and operate a cyber security program aligned to business strategy, and increase organizational resilience in the face of an ever-changing threat landscape.
Essential Duties and Responsibilities
Adhere to the highest degree of professional standards and strict client confidentiality. Support execution of assigned client engagements from start to finish, which includes the working on the deliverables independently, in collaboration with the client, engagement planning, directing, and completion of IT security assessments and Information Security architectural design and deployments. Apply current knowledge of technology and cyber trends and to identify security and risk management issues and other opportunities for improvement. Assist clients in planning and executing remediation plans identified in assessment activities. Work with the client to plan an engagement strategy, define objectives, and address technology- related controls risks and issues. Proactively interact with key client management to gather information, resolve problems and make recommendations for improvements. Participate in professional development activities and training sessions on regular basis. Other job duties as assigned.
Minimum Year(s) of Experience: 3 years. Bachelor's degree in Information Technology, Computer Science or a related field is required. Masters in cybersecurity, Information system or business administration is preferred. Certification(s) Preferred: Certified Information Systems Security Professional (CISSP ), Certified Information Security Manager (CISM), ISACA, Certified in Risk and Information Systems Control (CRISC) Complete understanding of Industry Standards/frameworks such as COBIT, NIST, ISO 27001, and PCI-DSS etc. is necessary. Demonstrate proven and extensive abilities solving complex cyber-risk management issues, including the following areas: Design and development of IT Risk and Cyber security programs using industry frameworks and methodologies; Designing KRIs and metrics to build risk reports for management Implementation and maintenance of enterprise-wide cyber risk governance frameworks; Assessment of enterprise-wide business risks and cyber threats; Development of detailed business risk scenarios and cyber threat models; Design and implementation of cyber risk management controls; Monitoring and reporting of cyber risks, threats and vulnerabilities; Development, implementation and periodic testing of cyber resiliency plans; Use of tools and technology to provide data analytics and business intelligence on cyber threats, risks and vulnerabilities; Advising clients on complying with regulatory requirements such as FFIEC, GLBA, NY DFS etc. as well as industry frameworks such as NIST CSF, COBIT, COSO and PCI; Building and operationalizing complex IT risk management and cyber security programs for clients.
Strong analytical skills and problem-solving approach. Take ownership of your work, by performing self-reviews of all work performed. Produce high quality deliverables on client engagements requiring little re-work. Ensure they are on-time and well organized. Ability to deal with ill-defined problems and propose coherent solutions for the client. Manage the team comprising of seniors and associates and maintain professionalism across team. Apply current knowledge of IT trends and systems processes to identify security and risk management issues and other opportunities for improvement. Assist clients in developing and executing risk management activities. Participate in clients call as Security SME, provide solutions best fitted to the requirement and in line with the Industry best practices. Be regarded as Information Security SME in the firm for operational and proposal assistant. Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships. Ability to work additional hours and travel on a regular basis to clients as required. Travel for this position can go as high as 60%.
Grant Thornton LLP promotes a nationally recognized culture of health and offers an extensive array of benefits to meet individual lifestyles. For a complete list of benefits, please visit www.gt.com.
It is Grant Thornton’s policy to promote equal employment opportunities. All personnel decisions, including, but not limited to, recruiting, hiring, training, promotion, compensation, benefits and termination, are made without regard to race, creed, color, religion, national origin, sex, age, marital status, sexual orientation, gender identity, citizenship status, veteran status, disability or any other characteristic protected by applicable federal, state or local law.
Requisition ID: 045180
Chicago, IL Chicago, Illinois
Equal Employment Opportunity: It is Grant Thornton’s policy to promote equal employment opportunities. All personnel decisions, including, but not limited to, recruiting, hiring, training, promotion, compensation, benefits and termination, are made without regard to race, creed, color, religion, national origin, sex, age, marital status, sexual orientation, gender identity, citizenship status, veteran status, disability, or any other characteristic protected by applicable federal, state, or local law.
Grant Thornton endeavors to make / accessible to any and all users. If you would like to contact us regarding the accessibility of our website or if you need assistance or accommodation to complete the application process, please contact us at .